mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-08 13:36:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

jenkins/images: use torcx packages from manifest

Browse Source 
This accompanies the other changes around moving to a torcx manifest.
This commit is contained in:
Euan Kemp 2017-09-06 16:30:41 -07:00
parent cc23e8e49e
commit f496072a10
1 changed files with 21 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
jenkins/images.sh
View File

@ -40,26 +40,28 @@ else
script set_official --board="${BOARD}" --noofficial script set_official --board="${BOARD}" --noofficial
fi fi
# Retrieve this version's torcx vendor store. # Retrieve this version's torcx manifest
mkdir -p torcx/pkgs
enter gsutil cp -r \ enter gsutil cp -r \
"${DOWNLOAD_ROOT}/boards/${BOARD}/${COREOS_VERSION}/torcx" \ "${DOWNLOAD_ROOT}/torcx/manifests/${BOARD}/${COREOS_VERSION}/torcx_manifest.json"{,.sig} \
/mnt/host/source/ /mnt/host/source/torcx/
for image in torcx/*.torcx.tgz gpg --verify torcx/torcx_manifest.json.sig
do
gpg --verify "${image}.sig"
done
# Work around the lack of symlink support in GCS. # Download all cas references from the manifest and verify their checksums
shopt -s nullglob # TODO: technically we can skip ones that don't have a 'path' since they're not
for default in torcx/*:com.coreos.cl.torcx.tgz # included in the image.
while read name digest hash
do do
for image in torcx/*.torcx.tgz mkdir -p "torcx/pkgs/${BOARD}/${name}/${digest}"
do enter gsutil cp -r "${TORCX_PKG_DOWNLOAD_ROOT}/pkgs/${BOARD}/${name}/${digest}" \
[ "x${default}" != "x${image}" ] && "/mnt/host/source/torcx/pkgs/${BOARD}/${name}/"
cmp --silent -- "${default}" "${image}" && downloaded_hash=$(sha512sum "torcx/pkgs/${BOARD}/${name}/${digest}/"*.torcx.tgz | awk '{print $1}')
ln -fns "${image##*/}" "${default}" if [[ "sha512-${downloaded_hash}" != "${hash}" ]]
done then
done echo "Torcx package had wrong hash: ${downloaded_hash} instead of ${hash}"
exit 1
fi
done < <(jq -r '.value.packages[] | . as $p | .name as $n | $p.versions[] | [.casDigest, .hash] | join(" ") | [$n, .] | join(" ")' "torcx/torcx_manifest.json")
script build_image \ script build_image \
--board="${BOARD}" \ --board="${BOARD}" \
@ -68,6 +70,7 @@ script build_image \
--getbinpkgver="${COREOS_VERSION}" \ --getbinpkgver="${COREOS_VERSION}" \
--sign="${SIGNING_USER}" \ --sign="${SIGNING_USER}" \
--sign_digests="${SIGNING_USER}" \ --sign_digests="${SIGNING_USER}" \
--torcx_store=/mnt/host/source/torcx \ --torcx_manifest=/mnt/host/source/torcx/torcx_manifest.json \
--torcx_root=/mnt/host/source/torcx/ \
--upload_root="${UPLOAD_ROOT}" \ --upload_root="${UPLOAD_ROOT}" \
--upload prod container --upload prod container